GRC Officer

 

The Role

 

Techary redefines the way customers procure, implement, and support their organisations' technology. We are looking for a proactive Governance, Risk & Compliance (GRC) Officer to support and strengthen our internal Information Security posture and to help deliver compliance services to our customers. 

The role sits within our Information Security team and will focus on managing and maturing our internal governance processes, maintaining key accreditations, and assisting customers in achieving similar certification goals.

The GRC Officer will own the lifecycle of policies, controls, evidence gathering, and assurance of activities across frameworks including Cyber Essentials, Cyber Essentials Plus, ISO27001:2022, and future standards such as ISO:9001, ISO:42001, and others. This position requires excellent organisational skills, strong communication, and the ability to coordinate activities across multiple departments to ensure ongoing compliance.

 

Key Responsibilities:

 

• Maintain and mature Techary’s existing certifications; Cyber Essentials, Cyber Essentials Plus, ISO27001 :2022, and future relevant accreditations.
• Develop, review, update, and version-control internal policies, procedures, standards, and documentation.
• Ensure operational compliance tasks (e.g., quarterly restoration tests, internal audits, risk reviews, access reviews, training audits) are scheduled, completed, tracked, and evidenced.
• Maintain risk registers, compliance metrics, control evidence repositories, and associated audit workflows.
• Coordinate internal and external audits, including preparation, evidence collection, and remediation tracking.
• Monitor regulatory and industry changes to ensure ongoing alignment with evolving standards.
• Consult with customers to help implement, manage or mature their compliance to standards such as Cyber Essentials, Cyber Essentials Plus, ISO:27001, or other frameworks.
• Assist customers with policy creation, accreditation readiness, gap assessments, and readiness planning.
• Provide best practice guidance.
• Support the Information Security team in identifying, monitoring, and reporting on risks and compliance posture.
• Assist in vendor risk assessments and third-party due diligence.
• Track corrective actions, deviations, and continuous improvements.

 

Essential Skills:

 

• Experience working in a GRC, Information Security, Compliance, or Audit role.
• Working knowledge of frameworks such as Cyber Essentials, Cyber Essentials Plus, ISO:27001, and ideally ISO:9001 or other industry standards.
• Strong understanding of governance documentation (policies, processes, standards, evidence).
• Ability to organise and manage multiple tasks, deadlines, and cross-departmental dependencies.
• Excellent communication skills, comfortable working with both technical and non-technical stakeholders.
• High attention to detail and strong organisational skills.

 

Desirable Skills:

 

• Experience participating in internal and external audits.
• Experience supporting or delivering compliance frameworks for customers or third parties.
• Knowledge of risk management methodologies (e.g., ISO:31000, NIST).
• Familiarity with security tools or GRC platforms.
• Relevant certifications (e.g., ISO :27001 Lead Implementer/Auditor, CompTIA Security+, GRC certifications).

 

Benefits

 

At Techary, we embrace a family culture and believe in working as a team to overcome any challenge we face.

 

Employee benefits include:

 

• Birthday as a free day holiday.
• Social events run throughout the year.
• Free breakfast, snacks and drinks.
• Lunch provided Friday.

 

Job Type: Permanent